Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/BoEIaQB-LgvAW5dFrdTQ5myxGaw.roa
File: BoEIaQB-LgvAW5dFrdTQ5myxGaw.roa (raw, json)
Hash identifier: tx1PC49xXzgoOSFgGNv9zBEZGgRKxtkXnCKAz0yynAU=
Subject key identifier: 06:81:08:69:00:7E:2E:0B:C0:5B:97:45:AD:D4:D0:E6:6C:B1:19:AC
Certificate issuer: /CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Certificate serial: 01874C831860FB2973CB78DE5BFDB3F5D562
Authority key identifier: 74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/BoEIaQB-LgvAW5dFrdTQ5myxGaw.roa
Signing time: Tue 04 Apr 2023 13:44:32 +0000
ROA not before: Tue 04 Apr 2023 13:44:32 +0000
ROA not after: Mon 01 Jul 2024 00:00:00 +0000
asID: 198988
IP address blocks: 146.158.31.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:87:4c:83:18:60:fb:29:73:cb:78:de:5b:fd:b3:f5:d5:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=749122c35438a4eb26233fdc6e4bb1df2daaef42
Validity
Not Before: Apr 4 13:44:32 2023 GMT
Not After : Jul 1 00:00:00 2024 GMT
Subject: CN=06810869007e2e0bc05b9745add4d0e66cb119ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:62:39:f0:f1:e0:0b:b6:3d:26:1c:2c:56:09:
14:c5:4a:ce:bc:53:29:08:a5:15:b7:07:c9:23:a2:
b8:29:b7:e1:af:e7:cd:ee:c5:6d:b3:70:b7:fa:34:
c2:52:27:8a:86:95:e1:06:46:3b:6d:bf:77:7d:5e:
b3:b8:d8:c8:f0:4d:8f:7f:9e:96:d4:e2:6a:6e:04:
0e:b0:79:68:9d:aa:0b:02:18:8b:26:4f:0e:24:d4:
ae:da:48:bd:57:da:32:7c:a1:fe:c5:0f:e8:46:e3:
6d:40:b3:82:92:3e:db:e1:e3:df:42:73:19:59:f2:
87:bd:79:9a:ef:d3:08:06:9d:ca:db:36:57:90:14:
eb:27:57:50:35:49:4e:d6:f5:76:f3:86:38:64:f3:
9f:0f:79:9c:ac:9d:72:a3:87:91:51:1f:92:58:c3:
a4:5b:95:cf:6d:c2:60:0e:c4:73:36:1c:07:81:79:
e0:89:0c:f9:dd:0f:7f:3d:e3:83:c3:c6:2d:32:8a:
4e:28:05:8f:e7:26:e8:e7:1e:4a:a6:4b:de:c3:0c:
33:9b:cd:40:cb:8a:ff:aa:09:fb:34:18:6f:28:f1:
53:ea:51:e6:ed:bc:85:b8:39:81:0d:83:b0:73:48:
d2:e2:b4:73:8c:cb:d9:73:a3:5e:94:86:32:77:da:
d8:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:81:08:69:00:7E:2E:0B:C0:5B:97:45:AD:D4:D0:E6:6C:B1:19:AC
X509v3 Authority Key Identifier:
keyid:74:91:22:C3:54:38:A4:EB:26:23:3F:DC:6E:4B:B1:DF:2D:AA:EF:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dJEiw1Q4pOsmIz_cbkux3y2q70I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/BoEIaQB-LgvAW5dFrdTQ5myxGaw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/18a91c-0e77-45c9-8cc4-062c6933abed/1/dJEiw1Q4pOsmIz_cbkux3y2q70I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
146.158.31.0/24
Signature Algorithm: sha256WithRSAEncryption
32:81:fe:28:5b:c7:7c:02:fc:54:29:9a:d1:7a:3d:4f:fa:b1:
cd:40:a3:81:12:1a:92:9e:4e:74:0d:11:71:e2:05:36:96:8f:
b1:82:c0:6f:dc:ba:55:2a:b0:5f:5a:e4:b6:c5:cd:94:52:31:
07:ca:21:00:9f:3c:17:31:ab:00:a2:fe:62:36:08:28:a2:36:
ab:79:19:36:40:d6:b7:5f:e7:85:db:00:66:69:c6:36:ea:7c:
02:d6:e5:32:bb:fa:68:5f:48:00:47:5d:fc:fe:f2:d9:1d:fa:
0b:36:b6:54:08:f5:6f:4b:a0:54:bd:01:77:84:c0:ea:1c:e2:
22:42:13:e2:09:b3:a0:f4:16:76:ec:53:63:21:e3:b5:7e:be:
f2:d3:31:0c:e7:78:6f:4a:98:ba:72:22:bf:ed:8e:bf:a2:17:
7d:b4:f4:1a:f5:1f:46:10:f6:6c:c8:f7:1c:1f:ef:22:5e:31:
1b:22:9b:ac:57:31:cb:57:cd:f3:b5:69:df:98:6a:40:49:60:
95:f9:f5:f7:33:0e:06:12:c5:a4:0c:e7:3e:b1:9a:b1:2a:12:
0f:49:95:b9:f2:4b:9c:bf:6d:49:66:36:5f:2b:0a:8f:b8:13:
8e:5a:a6:1d:f1:81:b2:5f:96:2a:32:48:3b:ec:c4:4f:45:9a:
8f:47:48:47
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAYdMgxhg+ylzy3jeW/2z9dViMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0OTEyMmMzNTQzOGE0ZWIyNjIzM2ZkYzZlNGJiMWRmMmRh
YWVmNDIwHhcNMjMwNDA0MTM0NDMyWhcNMjQwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjgxMDg2OTAwN2UyZTBiYzA1Yjk3NDVhZGQ0ZDBlNjZjYjExOWFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoWI58PHgC7Y9JhwsVgkUxUrOvFMp
CKUVtwfJI6K4Kbfhr+fN7sVts3C3+jTCUieKhpXhBkY7bb93fV6zuNjI8E2Pf56W
1OJqbgQOsHlonaoLAhiLJk8OJNSu2ki9V9oyfKH+xQ/oRuNtQLOCkj7b4ePfQnMZ
WfKHvXma79MIBp3K2zZXkBTrJ1dQNUlO1vV284Y4ZPOfD3mcrJ1yo4eRUR+SWMOk
W5XPbcJgDsRzNhwHgXngiQz53Q9/PeODw8YtMopOKAWP5ybo5x5Kpkvewwwzm81A
y4r/qgn7NBhvKPFT6lHm7byFuDmBDYOwc0jS4rRzjMvZc6NelIYyd9rYeQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFAaBCGkAfi4LwFuXRa3U0OZssRmsMB8GA1UdIwQY
MBaAFHSRIsNUOKTrJiM/3G5Lsd8tqu9CMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQt
MDYyYzY5MzNhYmVkLzEvQm9FSWFRQi1MZ3ZBVzVkRnJkVFE1bXl4R2F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC8xOGE5MWMtMGU3Ny00NWM5LThjYzQtMDYyYzY5MzNhYmVk
LzEvZEpFaXcxUTRwT3NtSXpfY2JrdXgzeTJxNzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAkp4fMA0G
CSqGSIb3DQEBCwUAA4IBAQAygf4oW8d8AvxUKZrRej1P+rHNQKOBEhqSnk50DRFx
4gU2lo+xgsBv3LpVKrBfWuS2xc2UUjEHyiEAnzwXMasAov5iNggoojareRk2QNa3
X+eF2wBmacY26nwC1uUyu/poX0gAR138/vLZHfoLNrZUCPVvS6BUvQF3hMDqHOIi
QhPiCbOg9BZ27FNjIeO1fr7y0zEM53hvSpi6ciK/7Y6/ohd9tPQa9R9GEPZsyPcc
H+8iXjEbIpusVzHLV83ztWnfmGpASWCV+fX3Mw4GEsWkDOc+sZqxKhIPSZW58kuc
v21JZjZfKwqPuBOOWqYd8YGyX5YqMkg77MRPRZqPR0hH
-----END CERTIFICATE-----
Generated at Mon Apr 7 23:51:02 2025 by rpki-client